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In the Claims: 

Please amend Claims 1, 3-5, 13, 16-18, 26, 28-30, 38, and 40-42; and add new Claim 50, 
all as shown below. Applicant respectfully reserves the right to prosecute any originally presented 
claims in a continuing or future application. 

1 . (Currently Amended) A system for single security administration comprising: 

a plurality of first type servers, wherein each of the plurality of first type servers holds group 
information and access control list and includes an LDAP authentication server; 
a second type server that includes an embedded LDAP server; 

a security data repository that resides in the second type server and provides to the second 
type server user security information associated with both the plurality of first type servers and the 
second type server; 

a default secur i ty p l ug i n at each of sa i d p l ura li ty of f i rst type servers that rece i ves 
authent i cat i on requests from c li ents and fo r wards them to sa i d LDAP authent i cat i on se r ver ; and, 

wherein, in response to receiving a request for authentication from a clien t at any one of 
said plurality of first type servers , the system initiates an LDAP session between said one of said 
plurality of first type servers and said second type server, passes query information from said LDAP 
authentication server to said embedded LDAP server, receives corresponding user information, and 
creates a token that reflects an authentication result that can be used by said client. 

2. (Original) The system of claim 1 wherein the system checks a user profile database or user 
profile configuration information to determine where the user security information is stored. 

3. (Currently Amended) The system of claim 1 wherein each of said plurality of first type servers 
is an application enterprise server. 

4. (Currently Amended) The system of claim 1 wherein said second type server is an enterpr i se 

application server. 
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5. (Currently Amended) The system of claim 1 wherein each of said plurality of first type servers 
is a WebLog i c Tuxedo server, and said second server is a Tuxedo Weblogic server. 

6. (Original) The system of claim 1 wherein said client is a Tuxedo client and said request is a 
tpinit call. 

7. (Original) The system of claim 1 wherein said query information is query user information that 
specifies a particular user or group of users. 

8. (Previously Presented) The system of claim 1 wherein the system includes a plurality of servers. 

9. (Original) The system of claim 8 wherein at least two of said plurality of servers include an 
LDAP authentication server. 

10. (Original) The system of claim 1 , further comprising a user information cache that caches a 
copy of said user information. 

1 1 . (Original) The system of claim 1 wherein the system is scalable to include multiple LDAP 
authentication servers and/or multiple embedded LDAP servers. 

12. (Original) The system of claim 1 wherein at least one of said servers include a console 
program for administering the security of the system. 

1 3. (Currently Amended) A method for providing single security administration comprising the 
steps of: 

issuing a call to an LDAP authentication server at one of a plurality of first type servers, 
wherein the one of the plurality of first type servers holds group information and access control list; 

passing query user information from said LDAP authentication server to an embedded 
LDAP server at a second type server, wherein the second type server includes a single security 
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data repository that provides tlie second type server user security information associated witli botli 
tlie one of tlie first type servers and tine second server; 

returning corresponding user information to said LDAP autlientication server; and, 

providing an autlientication tol<en for use by tlie client. 

14. (Original) The method of claim 13, further comprising the step, prior to issuing a call, of 
allowing a client to access a default security plugin. 

1 5. (Previously Presented) The method of claim 1 3, further comprising: 

checking a user profile database or user profile configuration information to determine 
where the user security information is stored. 

16. (Currently Amended) The method of claim 13 wherein each of said plurality of first type 
servers is an app li cat i on enterprise server. 

1 7. (Currently Amended) The method of claim 1 3 wherein said second type server is an enterpr i se 
application server. 

18. (Currently Amended) The method of claim 13 wherein each of said plurality of first type servers 
is a W e bLog i c Tuxedo server, and said second server is a Tuxedo Weblogic server. 

19. (Original) The method of claim 13 wherein said client is a Tuxedo client and said request is 
a tpinit call. 

20. (Previously Presented) The method of claim 1 3 wherein said query user information is query 
user information that specifies a particular user or group of users. 

21 . (Previously Presented) The method of claim 13, further comprising: 

including a plurality of servers. 
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22. (Original) Tlie metliod of claim 21 wherein at least two of said plurality of servers include an 
LDAP authentication server. 

23. (Original) The method of claim 13, further comprising a user information cache that caches 
a copy of said user information. 

24. (Previously Presented) The method of claim 13, further comprising: 

being scalable to include multiple LDAP authentication servers and/or multiple embedded 
LDAP servers. 

25. (Original) The method of claim 13 wherein at least one of said servers include a console 
program for administering the security of the system. 

26. (Currently Amended) A system for single security administration comprising: 

a plurality of [[an]] enterprise server servers, t hat wherein each of the plurality of enterprise 
servers holds group information and access control list; 

[[a]] an p l ura li ty of application servers server , where i n each one of the p l ura li ty of app li cat i on 
se r vers that includes an embedded LDAP server; 

a security data repository that resides in each one of the p l ura li ty of the application servers 
server and provides each one of the p l ura li ty of the application se r vers server with user security 
information that is associated with both the enterpr i se se r ver each of the plurality of enterprise 
servers and each one of the p l ura li ty of the application servers server ; and, 

wherein, in response to receiving a request for authentication from a client of the enterpr i se 
sei=vef one of the plurality of enterprise servers , the system initiates an LDAP session between ©rte 



receives query information from an LDAP authentication server at said enterprise server, creates 
a token that reflects an authentication result that can be used by said client, and communicates 
said token to the enterprise server. 




- the enterprise sei°vei°s server and said enterpr i se application server, 
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27. (Original) Tlie system of claim 26 wherein the system checks a user profile database or user 
profile configuration information to determine where the user security information is stored. 

28. (Currently Amended) The system of claim 26 wherein one of said plurality of app li cat i on 
enterprise rFserverll servers is a WebLog i c Tuxedo server. 

29. (Currently Amended) The system of claim 26 wherein said other enterpr i se application 
server is a Tuxedo Weblogic server. 

30. (Currently Amended) The system of claim 26 wherein one of said plurality of app li cat i on 
enterprise [[serverll servers is a WebLog i c Tuxedo server, and said second other enterpr i se 
application server is a Tuxedo Weblogic server. 

31 . (Original) The system of claim 26 wherein said client is a Tuxedo client and said request is a 
tpinit call. 

32. (Original) The system of claim 26 wherein said query information is query user information that 
specifies a particular user or group of users. 

33. (Previously Presented) The system of claim 26 wherein the system includes a plurality of 
servers. 

34. (Original) The system of claim 33 wherein at least two of said plurality of servers include an 
LDAP authentication server. 

35. (Original) The system of claim 26, further comprising a user information cache that caches a 
copy of said user information. 

36. (Original) The system of claim 26 wherein the system is scalable to include multiple LDAP 
authentication servers and/or multiple embedded LDAP servers. 
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37. (Original) Tlie system of claim 26 wherein at least one of said servers include a console 
program for administering the security of the system. 

38. (Currently Amended) A method for single security administration comprising: 

holding group information and access control list at a plurality of [[an]] enterprise server 
servers : 

receiving, at an LDAP server at one of a plural i ty of an application servers server , a request 
for authentication from a client of one of the plurality of enterprise server servers , wherein the one 
of a p l ura li ty of the application servers server connects to a security data repository for user security 
information associated with both the enterprise server and the application server; 

initiating an LDAP session between said one of the p l ura li ty of application servers server 
and said enterprise server; 

receiving query information from an LDAP authentication server at said enterprise server; 

and, 

creating a token that reflects an authentication result that can be used by said client; and, 
communicating said token to said enterprise server. 

39. (Original) The method of claim 38 wherein the system checks a user profile database or user 
profile configuration information to determine where the user security information is stored. 

40. (Currently Amended) The method of claim 38 wherein one of said plurality of app li cat i on 
enterprise s erver servers is a WebLog i c Tuxedo server. 

41 . (Currently Amended) The method of claim 38 wherein said other enterpr i se application server 
is a Tuxedo Weblogic server. 

42. (Currently Amended) The method of claim 38 wherein one of said plurality of app li cat i on 
enterprise server servers is a WebLog i c Tuxedo server, and said second other enterpr i se 
application server is a Tuxedo Weblogic server. 
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43. (Original) Tlie metliod of claim 38 wherein said client is a Tuxedo client and said request is a 
tpinit call. 

44. (Original) The method ofclaim 38 wherein said query information is query user information that 
specifies a particular user or group of users. 

45. (Previously Presented) The method of claim 38, further comprising: 

including a plurality of servers. 

46. (Original) The method of claim 45 wherein at least two of said plurality of servers include an 
LDAP authentication server. 

47. (Original) The method of claim 38, further comprising a user information cache that caches a 
copy of said user information. 

48. (Previously Presented) The method of claim 38, further comprising: 

being scalable to include multiple LDAP authentication servers and/or multiple embedded 
LDAP servers. 

49. (Original) The method of claim 38 wherein at least one of said servers include a console 
program for administering the security of the system. 

50. (New) A system for single security administration comprising: 

a plurality of first type servers, wherein each of the plurality of first type servers holds user 
security information and includes an LDAP authentication server; 

a second type server that includes an embedded LDAP server; 

a security data repository that resides in the second type server and operate to receive and 
provide to the second type server user security information associated with both the plurality of first 
type servers and the second type server; and. 
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